Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0554

7 documents6 sources
Severity
2.1LOW
EPSS
0.6%
top 29.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
11
Avaya Converged Communications ServerAvaya Modular Messaging Message Storage ServerAvaya S8300+8 more
Timeline
PublishedAug 6
Latest updateApr 29

Description

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages10 packages

NVDlinux/linux_kernel16 versions+15
NVDgentoo/linux1.4
NVDconectiva/linux8.0, 9.0+1
NVDsuse/suse_linux7 versions+6
NVDavaya/s8300r2.0.0, r2.0.1+1

Also affects: Enterprise Linux 2.1, 3.0

🔴Vulnerability Details

2
GHSA
GHSA-7hp5-737x-3jmh: Linux kernel 22022-04-29
CVEList
CVE-2004-0554: Linux kernel 22004-06-15

💥Exploits & PoCs

1
Exploit-DB
Linux Kernel 2.4.x/2.6.x - Assembler Inline Function Local Denial of Service2004-06-25

📋Vendor Advisories

1
Red Hat
security flaw2004-06-09

💬Community

2
Bugzilla
CVE-2004-0554 security flaw2018-08-16
Bugzilla
CAN-2004-0554 local user can get the kernel to hang2004-06-15